An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with Man-in-the-Middle attacks.
HP has announced to its customers that it will soon revoke a specific private digital certificate that they used to sign some software components that ship with some of its older products, because the certificate has also been used to sign malicious software.
If you are a Mozilla Firefox, Thunderbird or Seamonkey user, you should implement the latest patches issued by the company as soon as possible, as they fix a critical bug whose exploitation can lead to successful Man-in-the-Middle attacks.
The surge in the number of data breaches and recent security bugs such as Heartbleed has generated strong interest in digital certificates and technologies, including SSL and PKI.
As the world becomes more dependent, and some might say blindly so, on digital certificates it’s only natural that attackers will seek to circumvent this trust.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.